forked from pool/openssl-1_1
Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
947 lines
47 KiB
Diff
947 lines
47 KiB
Diff
---
|
|
apps/openssl-vms.cnf | 18 ++++
|
|
crypto/dh/dh_err.c | 8 -
|
|
crypto/dsa/dsa_err.c | 8 +
|
|
crypto/ec/ec_err.c | 29 ++++++-
|
|
crypto/err/openssl.txt | 40 +++++++++
|
|
crypto/evp/evp_err.c | 6 -
|
|
crypto/fips/fips_ers.c | 189 +++++++++++++++++++++++++++++++++++++++++++++--
|
|
crypto/rsa/rsa_err.c | 23 +++--
|
|
include/openssl/dherr.h | 15 +--
|
|
include/openssl/dsaerr.h | 18 +---
|
|
include/openssl/ecerr.h | 7 -
|
|
include/openssl/evperr.h | 19 ++--
|
|
include/openssl/rsaerr.h | 32 +++----
|
|
13 files changed, 333 insertions(+), 79 deletions(-)
|
|
|
|
--- a/apps/openssl-vms.cnf
|
|
+++ b/apps/openssl-vms.cnf
|
|
@@ -11,6 +11,24 @@
|
|
# defined.
|
|
HOME = .
|
|
|
|
+openssl_conf = openssl_init
|
|
+
|
|
+[ openssl_init ]
|
|
+
|
|
+engines = engine_section
|
|
+
|
|
+[ engine_section ]
|
|
+
|
|
+# This include will look through the directory that will contain the
|
|
+# engine declarations for any engines provided by other packages.
|
|
+.include /etc/ssl/engines1.1.d
|
|
+
|
|
+# This include will look through the directory that will contain the
|
|
+# definitions of the engines declared in the engine section.
|
|
+.include /etc/ssl/engdef1.1.d
|
|
+
|
|
+[ oid_section ]
|
|
+
|
|
# Extra OBJECT IDENTIFIER info:
|
|
#oid_file = $ENV::HOME/.oid
|
|
oid_section = new_oids
|
|
--- a/crypto/dh/dh_err.c
|
|
+++ b/crypto/dh/dh_err.c
|
|
@@ -26,8 +26,8 @@ static const ERR_STRING_DATA DH_str_func
|
|
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0),
|
|
"dh_cms_set_shared_info"},
|
|
{ERR_PACK(ERR_LIB_DH, DH_F_DH_COMPUTE_KEY, 0), "DH_compute_key"},
|
|
- {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_KEY, 0), "DH_generate_key"},
|
|
- {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_PARAMETERS_EX, 0), "DH_generate_parameters_ex"},
|
|
+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_GENERATE_PARAMETERS_EX, 0),
|
|
+ "DH_generate_parameters_ex"},
|
|
{ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_DUP, 0), "DH_meth_dup"},
|
|
{ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_NEW, 0), "DH_meth_new"},
|
|
{ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_SET1_NAME, 0), "DH_meth_set1_name"},
|
|
@@ -78,11 +78,11 @@ static const ERR_STRING_DATA DH_str_reas
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_KEY_SIZE_TOO_SMALL), "key size too small"},
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_MISSING_PUBKEY), "missing pubkey"},
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_MODULUS_TOO_LARGE), "modulus too large"},
|
|
+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_NON_FIPS_METHOD), "non fips method"},
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_NOT_SUITABLE_GENERATOR),
|
|
"not suitable generator"},
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PARAMETERS_SET), "no parameters set"},
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PRIVATE_VALUE), "no private value"},
|
|
- {ERR_PACK(ERR_LIB_DH, 0, DH_R_NON_FIPS_METHOD), "non FIPS method"},
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
|
|
"parameter encoding error"},
|
|
{ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
|
|
--- a/crypto/dsa/dsa_err.c
|
|
+++ b/crypto/dsa/dsa_err.c
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -24,7 +24,8 @@ static const ERR_STRING_DATA DSA_str_fun
|
|
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, 0), "DSA_do_sign"},
|
|
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_VERIFY, 0), "DSA_do_verify"},
|
|
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_KEY, 0), "DSA_generate_key"},
|
|
- {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_PARAMETERS_EX, 0), "DSA_generate_parameters_ex"},
|
|
+ {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_GENERATE_PARAMETERS_EX, 0),
|
|
+ "DSA_generate_parameters_ex"},
|
|
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_DUP, 0), "DSA_meth_dup"},
|
|
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_NEW, 0), "DSA_meth_new"},
|
|
{ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_SET1_NAME, 0), "DSA_meth_set1_name"},
|
|
@@ -60,8 +61,9 @@ static const ERR_STRING_DATA DSA_str_rea
|
|
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PRIVATE_KEY),
|
|
"missing private key"},
|
|
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
|
|
+ {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NON_FIPS_DSA_METHOD),
|
|
+ "non fips dsa method"},
|
|
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NO_PARAMETERS_SET), "no parameters set"},
|
|
- {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NON_FIPS_DSA_METHOD), "non FIPS DSA method"},
|
|
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR),
|
|
"parameter encoding error"},
|
|
{ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"},
|
|
--- a/crypto/ec/ec_err.c
|
|
+++ b/crypto/ec/ec_err.c
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -27,9 +27,19 @@ static const ERR_STRING_DATA EC_str_func
|
|
"ecdh_simple_compute_key"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_DO_SIGN_EX, 0), "ECDSA_do_sign_ex"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_DO_VERIFY, 0), "ECDSA_do_verify"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_SIGN_SIG, 0),
|
|
+ "ecdsa_s390x_nistp_sign_sig"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_S390X_NISTP_VERIFY_SIG, 0),
|
|
+ "ecdsa_s390x_nistp_verify_sig"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_EX, 0), "ECDSA_sign_ex"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_SETUP, 0), "ECDSA_sign_setup"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIG_NEW, 0), "ECDSA_SIG_new"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SETUP, 0),
|
|
+ "ecdsa_simple_sign_setup"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_SIGN_SIG, 0),
|
|
+ "ecdsa_simple_sign_sig"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIMPLE_VERIFY_SIG, 0),
|
|
+ "ecdsa_simple_verify_sig"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_VERIFY, 0), "ECDSA_verify"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECD_ITEM_VERIFY, 0), "ecd_item_verify"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM2TYPE, 0), "eckey_param2type"},
|
|
@@ -193,6 +203,7 @@ static const ERR_STRING_DATA EC_str_func
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRINT_FP, 0), "EC_KEY_print_fp"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRIV2BUF, 0), "EC_KEY_priv2buf"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRIV2OCT, 0), "EC_KEY_priv2oct"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PUBLIC_CHECK, 0), "ec_key_public_check"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, 0),
|
|
"EC_KEY_set_public_key_affine_coordinates"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SIMPLE_CHECK_KEY, 0),
|
|
@@ -266,6 +277,8 @@ static const ERR_STRING_DATA EC_str_func
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_OLD_EC_PRIV_DECODE, 0), "old_ec_priv_decode"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDH_COMPUTE_KEY, 0),
|
|
"ossl_ecdh_compute_key"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SETUP, 0),
|
|
+ "ossl_ecdsa_sign_setup"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SIG, 0), "ossl_ecdsa_sign_sig"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_VERIFY_SIG, 0),
|
|
"ossl_ecdsa_verify_sig"},
|
|
@@ -284,6 +297,18 @@ static const ERR_STRING_DATA EC_str_func
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_KEYGEN, 0), "pkey_ec_keygen"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_PARAMGEN, 0), "pkey_ec_paramgen"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_SIGN, 0), "pkey_ec_sign"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN25519, 0),
|
|
+ "s390x_pkey_ecd_digestsign25519"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_DIGESTSIGN448, 0),
|
|
+ "s390x_pkey_ecd_digestsign448"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN25519, 0),
|
|
+ "s390x_pkey_ecd_keygen25519"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECD_KEYGEN448, 0),
|
|
+ "s390x_pkey_ecd_keygen448"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN25519, 0),
|
|
+ "s390x_pkey_ecx_keygen25519"},
|
|
+ {ERR_PACK(ERR_LIB_EC, EC_F_S390X_PKEY_ECX_KEYGEN448, 0),
|
|
+ "s390x_pkey_ecx_keygen448"},
|
|
{ERR_PACK(ERR_LIB_EC, EC_F_VALIDATE_ECX_DERIVE, 0), "validate_ecx_derive"},
|
|
{0, NULL}
|
|
};
|
|
@@ -298,6 +323,8 @@ static const ERR_STRING_DATA EC_str_reas
|
|
"coordinates out of range"},
|
|
{ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH),
|
|
"curve does not support ecdh"},
|
|
+ {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA),
|
|
+ "curve does not support ecdsa"},
|
|
{ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING),
|
|
"curve does not support signing"},
|
|
{ERR_PACK(ERR_LIB_EC, 0, EC_R_D2I_ECPKPARAMETERS_FAILURE),
|
|
--- a/crypto/err/openssl.txt
|
|
+++ b/crypto/err/openssl.txt
|
|
@@ -408,6 +408,8 @@ DH_F_DH_CHECK_PUB_KEY_EX:123:DH_check_pu
|
|
DH_F_DH_CMS_DECRYPT:114:dh_cms_decrypt
|
|
DH_F_DH_CMS_SET_PEERKEY:115:dh_cms_set_peerkey
|
|
DH_F_DH_CMS_SET_SHARED_INFO:116:dh_cms_set_shared_info
|
|
+DH_F_DH_COMPUTE_KEY:126:DH_compute_key
|
|
+DH_F_DH_GENERATE_PARAMETERS_EX:127:DH_generate_parameters_ex
|
|
DH_F_DH_METH_DUP:117:DH_meth_dup
|
|
DH_F_DH_METH_NEW:118:DH_meth_new
|
|
DH_F_DH_METH_SET1_NAME:119:DH_meth_set1_name
|
|
@@ -427,10 +429,13 @@ DH_F_PKEY_DH_INIT:125:pkey_dh_init
|
|
DH_F_PKEY_DH_KEYGEN:113:pkey_dh_keygen
|
|
DSA_F_DSAPARAMS_PRINT:100:DSAparams_print
|
|
DSA_F_DSAPARAMS_PRINT_FP:101:DSAparams_print_fp
|
|
+DSA_F_DSA_BUILTIN_KEYGEN:108:dsa_builtin_keygen
|
|
DSA_F_DSA_BUILTIN_PARAMGEN:125:dsa_builtin_paramgen
|
|
DSA_F_DSA_BUILTIN_PARAMGEN2:126:dsa_builtin_paramgen2
|
|
DSA_F_DSA_DO_SIGN:112:DSA_do_sign
|
|
DSA_F_DSA_DO_VERIFY:113:DSA_do_verify
|
|
+DSA_F_DSA_GENERATE_KEY:109:DSA_generate_key
|
|
+DSA_F_DSA_GENERATE_PARAMETERS_EX:110:DSA_generate_parameters_ex
|
|
DSA_F_DSA_METH_DUP:127:DSA_meth_dup
|
|
DSA_F_DSA_METH_NEW:128:DSA_meth_new
|
|
DSA_F_DSA_METH_SET1_NAME:129:DSA_meth_set1_name
|
|
@@ -494,15 +499,15 @@ EC_F_ECDH_COMPUTE_KEY:246:ECDH_compute_k
|
|
EC_F_ECDH_SIMPLE_COMPUTE_KEY:257:ecdh_simple_compute_key
|
|
EC_F_ECDSA_DO_SIGN_EX:251:ECDSA_do_sign_ex
|
|
EC_F_ECDSA_DO_VERIFY:252:ECDSA_do_verify
|
|
+EC_F_ECDSA_S390X_NISTP_SIGN_SIG:313:ecdsa_s390x_nistp_sign_sig
|
|
+EC_F_ECDSA_S390X_NISTP_VERIFY_SIG:314:ecdsa_s390x_nistp_verify_sig
|
|
EC_F_ECDSA_SIGN_EX:254:ECDSA_sign_ex
|
|
EC_F_ECDSA_SIGN_SETUP:248:ECDSA_sign_setup
|
|
EC_F_ECDSA_SIG_NEW:265:ECDSA_SIG_new
|
|
-EC_F_ECDSA_VERIFY:253:ECDSA_verify
|
|
EC_F_ECDSA_SIMPLE_SIGN_SETUP:310:ecdsa_simple_sign_setup
|
|
EC_F_ECDSA_SIMPLE_SIGN_SIG:311:ecdsa_simple_sign_sig
|
|
EC_F_ECDSA_SIMPLE_VERIFY_SIG:312:ecdsa_simple_verify_sig
|
|
-EC_F_ECDSA_S390X_NISTP_SIGN_SIG:313:ecdsa_s390x_nistp_sign_sig
|
|
-EC_F_ECDSA_S390X_NISTP_VERIFY_SIG:314:ecdsa_s390x_nistp_verify_sig
|
|
+EC_F_ECDSA_VERIFY:253:ECDSA_verify
|
|
EC_F_ECD_ITEM_VERIFY:270:ecd_item_verify
|
|
EC_F_ECKEY_PARAM2TYPE:223:eckey_param2type
|
|
EC_F_ECKEY_PARAM_DECODE:212:eckey_param_decode
|
|
@@ -610,6 +615,7 @@ EC_F_EC_KEY_PRINT:180:EC_KEY_print
|
|
EC_F_EC_KEY_PRINT_FP:181:EC_KEY_print_fp
|
|
EC_F_EC_KEY_PRIV2BUF:279:EC_KEY_priv2buf
|
|
EC_F_EC_KEY_PRIV2OCT:256:EC_KEY_priv2oct
|
|
+EC_F_EC_KEY_PUBLIC_CHECK:299:ec_key_public_check
|
|
EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES:229:\
|
|
EC_KEY_set_public_key_affine_coordinates
|
|
EC_F_EC_KEY_SIMPLE_CHECK_KEY:258:ec_key_simple_check_key
|
|
@@ -735,6 +741,7 @@ EVP_F_AES_OCB_CIPHER:169:aes_ocb_cipher
|
|
EVP_F_AES_T4_INIT_KEY:178:aes_t4_init_key
|
|
EVP_F_AES_T4_XTS_INIT_KEY:208:aes_t4_xts_init_key
|
|
EVP_F_AES_WRAP_CIPHER:170:aes_wrap_cipher
|
|
+EVP_F_AES_XTS_CIPHER:210:aes_xts_cipher
|
|
EVP_F_AES_XTS_INIT_KEY:209:aes_xts_init_key
|
|
EVP_F_ALG_MODULE_INIT:177:alg_module_init
|
|
EVP_F_ARIA_CCM_INIT_KEY:175:aria_ccm_init_key
|
|
@@ -844,6 +851,8 @@ FIPS_F_EVP_CIPHER_CTX_NEW:137:EVP_CIPHER
|
|
FIPS_F_EVP_CIPHER_CTX_RESET:122:EVP_CIPHER_CTX_reset
|
|
FIPS_F_EVP_CIPHERINIT_EX:124:EVP_CipherInit_ex
|
|
FIPS_F_EVP_DIGESTINIT_EX:125:EVP_DigestInit_ex
|
|
+FIPS_F_ECDSA_SIMPLE_SIGN_SIG:104:ecdsa_simple_sign_sig
|
|
+FIPS_F_ECDSA_SIMPLE_VERIFY_SIG:105:ecdsa_simple_verify_sig
|
|
FIPS_F_FIPS_CHECK_DSA:104:fips_check_dsa
|
|
FIPS_F_FIPS_CHECK_EC:142:fips_check_ec
|
|
FIPS_F_FIPS_CHECK_RSA:106:fips_check_rsa
|
|
@@ -874,9 +883,15 @@ FIPS_F_FIPS_SELFTEST_CMAC:130:FIPS_selft
|
|
FIPS_F_FIPS_SELFTEST_DES:111:FIPS_selftest_des
|
|
FIPS_F_FIPS_SELFTEST_DSA:112:FIPS_selftest_dsa
|
|
FIPS_F_FIPS_SELFTEST_ECDSA:133:FIPS_selftest_ecdsa
|
|
+FIPS_F_FIPS_SELFTEST_HKDF:136:FIPS_selftest_hkdf
|
|
FIPS_F_FIPS_SELFTEST_HMAC:113:FIPS_selftest_hmac
|
|
+FIPS_F_FIPS_SELFTEST_PBKDF2:138:FIPS_selftest_pbkdf2
|
|
FIPS_F_FIPS_SELFTEST_SHA1:115:FIPS_selftest_sha1
|
|
FIPS_F_FIPS_SELFTEST_SHA2:105:FIPS_selftest_sha2
|
|
+FIPS_F_FIPS_SELFTEST_SHA3:141:FIPS_selftest_sha3
|
|
+FIPS_F_FIPS_SELFTEST_SSH:142:FIPS_selftest_ssh
|
|
+FIPS_F_FIPS_SELFTEST_TLS:143:FIPS_selftest_tls
|
|
+FIPS_F_OSSL_ECDH_COMPUTE_KEY:144:ossl_ecdh_compute_key
|
|
FIPS_F_OSSL_ECDSA_SIGN_SIG:143:ossl_ecdsa_sign_sig
|
|
FIPS_F_OSSL_ECDSA_VERIFY_SIG:148:ossl_ecdsa_verify_sig
|
|
FIPS_F_RSA_BUILTIN_KEYGEN:116:rsa_builtin_keygen
|
|
@@ -1126,6 +1141,7 @@ RAND_F_RAND_PSEUDO_BYTES:126:RAND_pseudo
|
|
RAND_F_RAND_WRITE_FILE:112:RAND_write_file
|
|
RSA_F_CHECK_PADDING_MD:140:check_padding_md
|
|
RSA_F_ENCODE_PKCS1:146:encode_pkcs1
|
|
+RSA_F_FIPS_RSA_BUILTIN_KEYGEN:168:fips_rsa_builtin_keygen
|
|
RSA_F_INT_RSA_VERIFY:145:int_rsa_verify
|
|
RSA_F_OLD_RSA_PRIV_DECODE:147:old_rsa_priv_decode
|
|
RSA_F_PKEY_PSS_INIT:165:pkey_pss_init
|
|
@@ -1140,6 +1156,8 @@ RSA_F_RSA_CHECK_KEY:123:RSA_check_key
|
|
RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex
|
|
RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt
|
|
RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify
|
|
+RSA_F_RSA_GENERATE_KEY_EX:169:RSA_generate_key_ex
|
|
+RSA_F_RSA_GENERATE_MULTI_PRIME_KEY:170:RSA_generate_multi_prime_key
|
|
RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify
|
|
RSA_F_RSA_METH_DUP:161:RSA_meth_dup
|
|
RSA_F_RSA_METH_NEW:162:RSA_meth_new
|
|
@@ -1175,12 +1193,18 @@ RSA_F_RSA_PADDING_CHECK_X931:128:RSA_pad
|
|
RSA_F_RSA_PARAM_DECODE:164:rsa_param_decode
|
|
RSA_F_RSA_PRINT:115:RSA_print
|
|
RSA_F_RSA_PRINT_FP:116:RSA_print_fp
|
|
+RSA_F_RSA_PRIVATE_DECRYPT:171:RSA_private_decrypt
|
|
+RSA_F_RSA_PRIVATE_ENCRYPT:172:RSA_private_encrypt
|
|
RSA_F_RSA_PRIV_DECODE:150:rsa_priv_decode
|
|
RSA_F_RSA_PRIV_ENCODE:138:rsa_priv_encode
|
|
RSA_F_RSA_PSS_GET_PARAM:151:rsa_pss_get_param
|
|
RSA_F_RSA_PSS_TO_CTX:155:rsa_pss_to_ctx
|
|
+RSA_F_RSA_PUBLIC_DECRYPT:173:RSA_public_decrypt
|
|
+RSA_F_RSA_PUBLIC_ENCRYPT:174:RSA_public_encrypt
|
|
RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode
|
|
RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding
|
|
+RSA_F_RSA_SET_DEFAULT_METHOD:175:RSA_set_default_method
|
|
+RSA_F_RSA_SET_METHOD:176:RSA_set_method
|
|
RSA_F_RSA_SIGN:117:RSA_sign
|
|
RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING
|
|
RSA_F_RSA_VERIFY:119:RSA_verify
|
|
@@ -2189,8 +2213,10 @@ DH_R_INVALID_PARAMETER_NID:114:invalid p
|
|
DH_R_INVALID_PUBKEY:102:invalid public key
|
|
DH_R_KDF_PARAMETER_ERROR:112:kdf parameter error
|
|
DH_R_KEYS_NOT_SET:108:keys not set
|
|
+DH_R_KEY_SIZE_TOO_SMALL:126:key size too small
|
|
DH_R_MISSING_PUBKEY:125:missing pubkey
|
|
DH_R_MODULUS_TOO_LARGE:103:modulus too large
|
|
+DH_R_NON_FIPS_METHOD:127:non fips method
|
|
DH_R_NOT_SUITABLE_GENERATOR:120:not suitable generator
|
|
DH_R_NO_PARAMETERS_SET:107:no parameters set
|
|
DH_R_NO_PRIVATE_VALUE:100:no private value
|
|
@@ -2204,9 +2230,12 @@ DSA_R_BN_ERROR:109:bn error
|
|
DSA_R_DECODE_ERROR:104:decode error
|
|
DSA_R_INVALID_DIGEST_TYPE:106:invalid digest type
|
|
DSA_R_INVALID_PARAMETERS:112:invalid parameters
|
|
+DSA_R_KEY_SIZE_INVALID:114:key size invalid
|
|
+DSA_R_KEY_SIZE_TOO_SMALL:115:key size too small
|
|
DSA_R_MISSING_PARAMETERS:101:missing parameters
|
|
DSA_R_MISSING_PRIVATE_KEY:111:missing private key
|
|
DSA_R_MODULUS_TOO_LARGE:103:modulus too large
|
|
+DSA_R_NON_FIPS_DSA_METHOD:116:non fips dsa method
|
|
DSA_R_NO_PARAMETERS_SET:107:no parameters set
|
|
DSA_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
|
|
DSA_R_Q_NOT_PRIME:113:q not prime
|
|
@@ -2344,6 +2373,7 @@ EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH:
|
|
EVP_R_DECODE_ERROR:114:decode error
|
|
EVP_R_DIFFERENT_KEY_TYPES:101:different key types
|
|
EVP_R_DIFFERENT_PARAMETERS:153:different parameters
|
|
+EVP_R_DISABLED_FOR_FIPS:185:disabled for fips
|
|
EVP_R_ERROR_LOADING_SECTION:165:error loading section
|
|
EVP_R_ERROR_SETTING_FIPS_MODE:166:error setting fips mode
|
|
EVP_R_EXPECTING_AN_HMAC_KEY:174:expecting an hmac key
|
|
@@ -2389,6 +2419,7 @@ EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREA
|
|
EVP_R_PRIVATE_KEY_DECODE_ERROR:145:private key decode error
|
|
EVP_R_PRIVATE_KEY_ENCODE_ERROR:146:private key encode error
|
|
EVP_R_PUBLIC_KEY_NOT_RSA:106:public key not rsa
|
|
+EVP_R_TOO_LARGE:186:too large
|
|
EVP_R_UNKNOWN_CIPHER:160:unknown cipher
|
|
EVP_R_UNKNOWN_DIGEST:161:unknown digest
|
|
EVP_R_UNKNOWN_OPTION:169:unknown option
|
|
@@ -2711,11 +2742,13 @@ RSA_R_MODULUS_TOO_LARGE:105:modulus too
|
|
RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R:168:mp coefficient not inverse of r
|
|
RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D:169:mp exponent not congruent to d
|
|
RSA_R_MP_R_NOT_PRIME:170:mp r not prime
|
|
+RSA_R_NON_FIPS_RSA_METHOD:171:non fips rsa method
|
|
RSA_R_NO_PUBLIC_EXPONENT:140:no public exponent
|
|
RSA_R_NULL_BEFORE_BLOCK_MISSING:113:null before block missing
|
|
RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES:172:n does not equal product of primes
|
|
RSA_R_N_DOES_NOT_EQUAL_P_Q:127:n does not equal p q
|
|
RSA_R_OAEP_DECODING_ERROR:121:oaep decoding error
|
|
+RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE:173:operation not allowed in fips mode
|
|
RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:148:\
|
|
operation not supported for this keytype
|
|
RSA_R_PADDING_CHECK_FAILED:114:padding check failed
|
|
@@ -2737,6 +2770,7 @@ RSA_R_UNSUPPORTED_ENCRYPTION_TYPE:162:un
|
|
RSA_R_UNSUPPORTED_LABEL_SOURCE:163:unsupported label source
|
|
RSA_R_UNSUPPORTED_MASK_ALGORITHM:153:unsupported mask algorithm
|
|
RSA_R_UNSUPPORTED_MASK_PARAMETER:154:unsupported mask parameter
|
|
+RSA_R_UNSUPPORTED_PARAMETERS:174:unsupported parameters
|
|
RSA_R_UNSUPPORTED_SIGNATURE_TYPE:155:unsupported signature type
|
|
RSA_R_VALUE_MISSING:147:value missing
|
|
RSA_R_WRONG_SIGNATURE_LENGTH:119:wrong signature length
|
|
--- a/crypto/evp/evp_err.c
|
|
+++ b/crypto/evp/evp_err.c
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -192,7 +192,7 @@ static const ERR_STRING_DATA EVP_str_rea
|
|
"different key types"},
|
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS),
|
|
"different parameters"},
|
|
- {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DISABLED_FOR_FIPS), "disabled for FIPS"},
|
|
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DISABLED_FOR_FIPS), "disabled for fips"},
|
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION),
|
|
"error loading section"},
|
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE),
|
|
@@ -286,8 +286,6 @@ static const ERR_STRING_DATA EVP_str_rea
|
|
"wrap mode not allowed"},
|
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH),
|
|
"wrong final block length"},
|
|
- {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE),
|
|
- "xts data unit is too large"},
|
|
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS),
|
|
"xts duplicated keys"},
|
|
{0, NULL}
|
|
--- a/crypto/fips/fips_ers.c
|
|
+++ b/crypto/fips/fips_ers.c
|
|
@@ -1,7 +1,186 @@
|
|
-#include <openssl/opensslconf.h>
|
|
+/*
|
|
+ * Generated by util/mkerr.pl DO NOT EDIT
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ *
|
|
+ * Licensed under the OpenSSL license (the "License"). You may not use
|
|
+ * this file except in compliance with the License. You can obtain a copy
|
|
+ * in the file LICENSE in the source distribution or at
|
|
+ * https://www.openssl.org/source/license.html
|
|
+ */
|
|
|
|
-#ifdef OPENSSL_FIPS
|
|
-# include "fips_err.h"
|
|
-#else
|
|
-static void *dummy = &dummy;
|
|
+#include <openssl/err.h>
|
|
+#include "crypto/fipserr.h"
|
|
+
|
|
+#ifndef OPENSSL_NO_ERR
|
|
+
|
|
+static const ERR_STRING_DATA FIPS_str_functs[] = {
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DRBG_RESEED, 0), "drbg_reseed"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DSA_BUILTIN_PARAMGEN2, 0),
|
|
+ "dsa_builtin_paramgen2"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DSA_DO_SIGN, 0), "DSA_do_sign"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_DSA_DO_VERIFY, 0), "DSA_do_verify"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_ECDSA_SIMPLE_SIGN_SIG, 0),
|
|
+ "ecdsa_simple_sign_sig"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_ECDSA_SIMPLE_VERIFY_SIG, 0),
|
|
+ "ecdsa_simple_verify_sig"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_CIPHERINIT_EX, 0), "EVP_CipherInit_ex"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_CIPHER_CTX_NEW, 0),
|
|
+ "EVP_CIPHER_CTX_new"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_CIPHER_CTX_RESET, 0),
|
|
+ "EVP_CIPHER_CTX_reset"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_EVP_DIGESTINIT_EX, 0), "EVP_DigestInit_ex"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_CHECK_DSA, 0), "fips_check_dsa"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_CHECK_EC, 0), "fips_check_ec"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_CHECK_RSA, 0), "fips_check_rsa"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_BYTES, 0), "fips_drbg_bytes"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_CHECK, 0), "fips_drbg_check"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_ERROR_CHECK, 0),
|
|
+ "fips_drbg_error_check"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_GENERATE, 0),
|
|
+ "FIPS_drbg_generate"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_INIT, 0), "FIPS_drbg_init"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_INSTANTIATE, 0),
|
|
+ "FIPS_drbg_instantiate"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_NEW, 0), "FIPS_drbg_new"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_DRBG_SINGLE_KAT, 0),
|
|
+ "fips_drbg_single_kat"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_GET_ENTROPY, 0), "fips_get_entropy"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_MODULE_MODE_SET, 0),
|
|
+ "FIPS_module_mode_set"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_PKEY_SIGNATURE_TEST, 0),
|
|
+ "fips_pkey_signature_test"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_BYTES, 0), "FIPS_rand_bytes"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_SEED, 0), "FIPS_rand_seed"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_SET_METHOD, 0),
|
|
+ "FIPS_rand_set_method"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RAND_STATUS, 0), "FIPS_rand_status"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_RSA_BUILTIN_KEYGEN, 0),
|
|
+ "fips_rsa_builtin_keygen"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES, 0), "FIPS_selftest_aes"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES_CCM, 0),
|
|
+ "FIPS_selftest_aes_ccm"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES_GCM, 0),
|
|
+ "FIPS_selftest_aes_gcm"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_AES_XTS, 0),
|
|
+ "FIPS_selftest_aes_xts"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_CMAC, 0),
|
|
+ "FIPS_selftest_cmac"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_DES, 0), "FIPS_selftest_des"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_ECDSA, 0),
|
|
+ "FIPS_selftest_ecdsa"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_HKDF, 0),
|
|
+ "FIPS_selftest_hkdf"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_HMAC, 0),
|
|
+ "FIPS_selftest_hmac"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_PBKDF2, 0),
|
|
+ "FIPS_selftest_pbkdf2"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SHA1, 0),
|
|
+ "FIPS_selftest_sha1"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SHA2, 0),
|
|
+ "FIPS_selftest_sha2"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SHA3, 0),
|
|
+ "FIPS_selftest_sha3"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_SSH, 0), "FIPS_selftest_ssh"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_FIPS_SELFTEST_TLS, 0), "FIPS_selftest_tls"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_OSSL_ECDH_COMPUTE_KEY, 0),
|
|
+ "ossl_ecdh_compute_key"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PRIVATE_DECRYPT, 0),
|
|
+ "rsa_ossl_private_decrypt"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PRIVATE_ENCRYPT, 0),
|
|
+ "rsa_ossl_private_encrypt"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PUBLIC_DECRYPT, 0),
|
|
+ "rsa_ossl_public_decrypt"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, FIPS_F_RSA_OSSL_PUBLIC_ENCRYPT, 0),
|
|
+ "rsa_ossl_public_encrypt"},
|
|
+ {0, NULL}
|
|
+};
|
|
+
|
|
+static const ERR_STRING_DATA FIPS_str_reasons[] = {
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED),
|
|
+ "additional input error undetected"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ADDITIONAL_INPUT_TOO_LONG),
|
|
+ "additional input too long"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ALREADY_INSTANTIATED),
|
|
+ "already instantiated"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_DRBG_NOT_INITIALISED),
|
|
+ "drbg not initialised"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ENTROPY_ERROR_UNDETECTED),
|
|
+ "entropy error undetected"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),
|
|
+ "entropy not requested for reseed"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ENTROPY_SOURCE_STUCK),
|
|
+ "entropy source stuck"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_INITIALISING_DRBG),
|
|
+ "error initialising drbg"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_INSTANTIATING_DRBG),
|
|
+ "error instantiating drbg"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),
|
|
+ "error retrieving additional input"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_RETRIEVING_ENTROPY),
|
|
+ "error retrieving entropy"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_ERROR_RETRIEVING_NONCE),
|
|
+ "error retrieving nonce"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FINGERPRINT_DOES_NOT_MATCH),
|
|
+ "fingerprint does not match"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FIPS_MODE_ALREADY_SET),
|
|
+ "fips mode already set"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FIPS_SELFTEST_FAILED),
|
|
+ "fips selftest failed"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_FUNCTION_ERROR), "function error"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_GENERATE_ERROR), "generate error"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_GENERATE_ERROR_UNDETECTED),
|
|
+ "generate error undetected"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_INSTANTIATE_ERROR), "instantiate error"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_INVALID_KEY_LENGTH),
|
|
+ "invalid key length"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_IN_ERROR_STATE), "in error state"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_KEY_TOO_SHORT), "key too short"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NONCE_ERROR_UNDETECTED),
|
|
+ "nonce error undetected"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NON_FIPS_METHOD), "non fips method"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NOPR_TEST1_FAILURE),
|
|
+ "nopr test1 failure"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NOPR_TEST2_FAILURE),
|
|
+ "nopr test2 failure"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_NOT_INSTANTIATED), "not instantiated"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PAIRWISE_TEST_FAILED),
|
|
+ "pairwise test failed"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PERSONALISATION_ERROR_UNDETECTED),
|
|
+ "personalisation error undetected"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PERSONALISATION_STRING_TOO_LONG),
|
|
+ "personalisation string too long"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),
|
|
+ "request length error undetected"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),
|
|
+ "request too large for drbg"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_RESEED_COUNTER_ERROR),
|
|
+ "reseed counter error"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_RESEED_ERROR), "reseed error"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_SELFTEST_FAILED), "selftest failed"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_SELFTEST_FAILURE), "selftest failure"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_TEST_FAILURE), "test failure"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNINSTANTIATE_ERROR),
|
|
+ "uninstantiate error"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),
|
|
+ "uninstantiate zeroise error"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNSUPPORTED_DRBG_TYPE),
|
|
+ "unsupported drbg type"},
|
|
+ {ERR_PACK(ERR_LIB_FIPS, 0, FIPS_R_UNSUPPORTED_PLATFORM),
|
|
+ "unsupported platform"},
|
|
+ {0, NULL}
|
|
+};
|
|
+
|
|
+#endif
|
|
+
|
|
+int ERR_load_FIPS_strings(void)
|
|
+{
|
|
+#ifndef OPENSSL_NO_ERR
|
|
+ if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) {
|
|
+ ERR_load_strings_const(FIPS_str_functs);
|
|
+ ERR_load_strings_const(FIPS_str_reasons);
|
|
+ }
|
|
#endif
|
|
+ return 1;
|
|
+}
|
|
--- a/crypto/rsa/rsa_err.c
|
|
+++ b/crypto/rsa/rsa_err.c
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -34,7 +34,8 @@ static const ERR_STRING_DATA RSA_str_fun
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY_EX, 0), "RSA_check_key_ex"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_DECRYPT, 0), "rsa_cms_decrypt"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_VERIFY, 0), "rsa_cms_verify"},
|
|
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_KEY_EX, 0), "RSA_generate_key_ex"},
|
|
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_KEY_EX, 0),
|
|
+ "RSA_generate_key_ex"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_GENERATE_MULTI_PRIME_KEY, 0),
|
|
"RSA_generate_multi_prime_key"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ITEM_VERIFY, 0), "rsa_item_verify"},
|
|
@@ -93,16 +94,21 @@ static const ERR_STRING_DATA RSA_str_fun
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PARAM_DECODE, 0), "rsa_param_decode"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT, 0), "RSA_print"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT_FP, 0), "RSA_print_fp"},
|
|
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_DECRYPT, 0),
|
|
+ "RSA_private_decrypt"},
|
|
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_ENCRYPT, 0),
|
|
+ "RSA_private_encrypt"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_DECODE, 0), "rsa_priv_decode"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_ENCODE, 0), "rsa_priv_encode"},
|
|
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_DECRYPT, 0), "RSA_private_decrypt"},
|
|
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIVATE_ENCRYPT, 0), "RSA_private_encrypt"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_GET_PARAM, 0), "rsa_pss_get_param"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_TO_CTX, 0), "rsa_pss_to_ctx"},
|
|
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_DECRYPT, 0), "RSA_public_decrypt"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUBLIC_ENCRYPT, 0), "RSA_public_encrypt"},
|
|
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SETUP_BLINDING, 0), "RSA_setup_blinding"},
|
|
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_DEFAULT_METHOD, 0),
|
|
+ "RSA_set_default_method"},
|
|
+ {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_METHOD, 0), "RSA_set_method"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN, 0), "RSA_sign"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 0),
|
|
"RSA_sign_ASN1_OCTET_STRING"},
|
|
@@ -111,8 +117,6 @@ static const ERR_STRING_DATA RSA_str_fun
|
|
"RSA_verify_ASN1_OCTET_STRING"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, 0),
|
|
"RSA_verify_PKCS1_PSS_mgf1"},
|
|
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_DEFAULT_METHOD, 0), "RSA_set_default_method"},
|
|
- {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SET_METHOD, 0), "RSA_set_method"},
|
|
{ERR_PACK(ERR_LIB_RSA, RSA_F_SETUP_TBUF, 0), "setup_tbuf"},
|
|
{0, NULL}
|
|
};
|
|
@@ -193,8 +197,9 @@ static const ERR_STRING_DATA RSA_str_rea
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D),
|
|
"mp exponent not congruent to d"},
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_R_NOT_PRIME), "mp r not prime"},
|
|
+ {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NON_FIPS_RSA_METHOD),
|
|
+ "non fips rsa method"},
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
|
|
- {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NON_FIPS_RSA_METHOD), "non FIPS rsa method"},
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NULL_BEFORE_BLOCK_MISSING),
|
|
"null before block missing"},
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES),
|
|
@@ -204,7 +209,7 @@ static const ERR_STRING_DATA RSA_str_rea
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OAEP_DECODING_ERROR),
|
|
"oaep decoding error"},
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),
|
|
- "operation not allowed in FIPS mode"},
|
|
+ "operation not allowed in fips mode"},
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
|
|
"operation not supported for this keytype"},
|
|
{ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PADDING_CHECK_FAILED),
|
|
--- a/include/openssl/dherr.h
|
|
+++ b/include/openssl/dherr.h
|
|
@@ -11,9 +11,7 @@
|
|
#ifndef HEADER_DHERR_H
|
|
# define HEADER_DHERR_H
|
|
|
|
-# ifndef HEADER_SYMHACKS_H
|
|
-# include <openssl/symhacks.h>
|
|
-# endif
|
|
+# include <openssl/symhacks.h>
|
|
|
|
# include <openssl/opensslconf.h>
|
|
|
|
@@ -36,9 +34,8 @@ int ERR_load_DH_strings(void);
|
|
# define DH_F_DH_CMS_DECRYPT 114
|
|
# define DH_F_DH_CMS_SET_PEERKEY 115
|
|
# define DH_F_DH_CMS_SET_SHARED_INFO 116
|
|
-# define DH_F_DH_COMPUTE_KEY 203
|
|
-# define DH_F_DH_GENERATE_KEY 202
|
|
-# define DH_F_DH_GENERATE_PARAMETERS_EX 201
|
|
+# define DH_F_DH_COMPUTE_KEY 126
|
|
+# define DH_F_DH_GENERATE_PARAMETERS_EX 127
|
|
# define DH_F_DH_METH_DUP 117
|
|
# define DH_F_DH_METH_NEW 118
|
|
# define DH_F_DH_METH_SET1_NAME 119
|
|
@@ -76,14 +73,14 @@ int ERR_load_DH_strings(void);
|
|
# define DH_R_INVALID_PARAMETER_NID 114
|
|
# define DH_R_INVALID_PUBKEY 102
|
|
# define DH_R_KDF_PARAMETER_ERROR 112
|
|
-# define DH_R_KEY_SIZE_TOO_SMALL 201
|
|
# define DH_R_KEYS_NOT_SET 108
|
|
+# define DH_R_KEY_SIZE_TOO_SMALL 126
|
|
# define DH_R_MISSING_PUBKEY 125
|
|
# define DH_R_MODULUS_TOO_LARGE 103
|
|
+# define DH_R_NON_FIPS_METHOD 127
|
|
# define DH_R_NOT_SUITABLE_GENERATOR 120
|
|
# define DH_R_NO_PARAMETERS_SET 107
|
|
# define DH_R_NO_PRIVATE_VALUE 100
|
|
-# define DH_R_NON_FIPS_METHOD 202
|
|
# define DH_R_PARAMETER_ENCODING_ERROR 105
|
|
# define DH_R_PEER_KEY_ERROR 111
|
|
# define DH_R_SHARED_INFO_ERROR 113
|
|
--- a/include/openssl/dsaerr.h
|
|
+++ b/include/openssl/dsaerr.h
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -11,9 +11,7 @@
|
|
#ifndef HEADER_DSAERR_H
|
|
# define HEADER_DSAERR_H
|
|
|
|
-# ifndef HEADER_SYMHACKS_H
|
|
-# include <openssl/symhacks.h>
|
|
-# endif
|
|
+# include <openssl/symhacks.h>
|
|
|
|
# include <openssl/opensslconf.h>
|
|
|
|
@@ -29,13 +27,13 @@ int ERR_load_DSA_strings(void);
|
|
*/
|
|
# define DSA_F_DSAPARAMS_PRINT 100
|
|
# define DSA_F_DSAPARAMS_PRINT_FP 101
|
|
-# define DSA_F_DSA_BUILTIN_KEYGEN 202
|
|
+# define DSA_F_DSA_BUILTIN_KEYGEN 108
|
|
# define DSA_F_DSA_BUILTIN_PARAMGEN 125
|
|
# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
|
|
-# define DSA_F_DSA_GENERATE_KEY 201
|
|
-# define DSA_F_DSA_GENERATE_PARAMETERS_EX 200
|
|
# define DSA_F_DSA_DO_SIGN 112
|
|
# define DSA_F_DSA_DO_VERIFY 113
|
|
+# define DSA_F_DSA_GENERATE_KEY 109
|
|
+# define DSA_F_DSA_GENERATE_PARAMETERS_EX 110
|
|
# define DSA_F_DSA_METH_DUP 127
|
|
# define DSA_F_DSA_METH_NEW 128
|
|
# define DSA_F_DSA_METH_SET1_NAME 129
|
|
@@ -63,13 +61,13 @@ int ERR_load_DSA_strings(void);
|
|
# define DSA_R_DECODE_ERROR 104
|
|
# define DSA_R_INVALID_DIGEST_TYPE 106
|
|
# define DSA_R_INVALID_PARAMETERS 112
|
|
-# define DSA_R_KEY_SIZE_INVALID 201
|
|
-# define DSA_R_KEY_SIZE_TOO_SMALL 202
|
|
+# define DSA_R_KEY_SIZE_INVALID 114
|
|
+# define DSA_R_KEY_SIZE_TOO_SMALL 115
|
|
# define DSA_R_MISSING_PARAMETERS 101
|
|
# define DSA_R_MISSING_PRIVATE_KEY 111
|
|
# define DSA_R_MODULUS_TOO_LARGE 103
|
|
+# define DSA_R_NON_FIPS_DSA_METHOD 116
|
|
# define DSA_R_NO_PARAMETERS_SET 107
|
|
-# define DSA_R_NON_FIPS_DSA_METHOD 200
|
|
# define DSA_R_PARAMETER_ENCODING_ERROR 105
|
|
# define DSA_R_Q_NOT_PRIME 113
|
|
# define DSA_R_SEED_LEN_SMALL 110
|
|
--- a/include/openssl/ecerr.h
|
|
+++ b/include/openssl/ecerr.h
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -11,9 +11,7 @@
|
|
#ifndef HEADER_ECERR_H
|
|
# define HEADER_ECERR_H
|
|
|
|
-# ifndef HEADER_SYMHACKS_H
|
|
-# include <openssl/symhacks.h>
|
|
-# endif
|
|
+# include <openssl/symhacks.h>
|
|
|
|
# include <openssl/opensslconf.h>
|
|
|
|
@@ -143,6 +141,7 @@ int ERR_load_EC_strings(void);
|
|
# define EC_F_EC_KEY_PRINT_FP 181
|
|
# define EC_F_EC_KEY_PRIV2BUF 279
|
|
# define EC_F_EC_KEY_PRIV2OCT 256
|
|
+# define EC_F_EC_KEY_PUBLIC_CHECK 299
|
|
# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
|
|
# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 258
|
|
# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 259
|
|
--- a/include/openssl/evperr.h
|
|
+++ b/include/openssl/evperr.h
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -22,15 +22,15 @@ int ERR_load_EVP_strings(void);
|
|
* EVP function codes.
|
|
*/
|
|
# define EVP_F_AESNI_INIT_KEY 165
|
|
-# define EVP_F_AESNI_XTS_INIT_KEY 233
|
|
+# define EVP_F_AESNI_XTS_INIT_KEY 207
|
|
# define EVP_F_AES_GCM_CTRL 196
|
|
# define EVP_F_AES_INIT_KEY 133
|
|
# define EVP_F_AES_OCB_CIPHER 169
|
|
# define EVP_F_AES_T4_INIT_KEY 178
|
|
-# define EVP_F_AES_T4_XTS_INIT_KEY 234
|
|
+# define EVP_F_AES_T4_XTS_INIT_KEY 208
|
|
# define EVP_F_AES_WRAP_CIPHER 170
|
|
-# define EVP_F_AES_XTS_CIPHER 229
|
|
-# define EVP_F_AES_XTS_INIT_KEY 235
|
|
+# define EVP_F_AES_XTS_CIPHER 210
|
|
+# define EVP_F_AES_XTS_INIT_KEY 209
|
|
# define EVP_F_ALG_MODULE_INIT 177
|
|
# define EVP_F_ARIA_CCM_INIT_KEY 175
|
|
# define EVP_F_ARIA_GCM_CTRL 197
|
|
@@ -146,9 +146,9 @@ int ERR_load_EVP_strings(void);
|
|
# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
|
|
# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
|
|
# define EVP_R_DECODE_ERROR 114
|
|
-# define EVP_R_DISABLED_FOR_FIPS 200
|
|
# define EVP_R_DIFFERENT_KEY_TYPES 101
|
|
# define EVP_R_DIFFERENT_PARAMETERS 153
|
|
+# define EVP_R_DISABLED_FOR_FIPS 185
|
|
# define EVP_R_ERROR_LOADING_SECTION 165
|
|
# define EVP_R_ERROR_SETTING_FIPS_MODE 166
|
|
# define EVP_R_EXPECTING_AN_HMAC_KEY 174
|
|
@@ -184,15 +184,15 @@ int ERR_load_EVP_strings(void);
|
|
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
|
|
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
|
|
# define EVP_R_OPERATON_NOT_INITIALIZED 151
|
|
-# define EVP_R_PARAMETER_TOO_LARGE 187
|
|
# define EVP_R_OUTPUT_WOULD_OVERFLOW 184
|
|
+# define EVP_R_PARAMETER_TOO_LARGE 187
|
|
# define EVP_R_PARTIALLY_OVERLAPPING 162
|
|
# define EVP_R_PBKDF2_ERROR 181
|
|
# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179
|
|
# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
|
|
# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
|
|
# define EVP_R_PUBLIC_KEY_NOT_RSA 106
|
|
-# define EVP_R_TOO_LARGE 201
|
|
+# define EVP_R_TOO_LARGE 186
|
|
# define EVP_R_UNKNOWN_CIPHER 160
|
|
# define EVP_R_UNKNOWN_DIGEST 161
|
|
# define EVP_R_UNKNOWN_OPTION 169
|
|
@@ -208,7 +208,6 @@ int ERR_load_EVP_strings(void);
|
|
# define EVP_R_UNSUPPORTED_SALT_TYPE 126
|
|
# define EVP_R_WRAP_MODE_NOT_ALLOWED 170
|
|
# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
|
|
-# define EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE 191
|
|
-# define EVP_R_XTS_DUPLICATED_KEYS 192
|
|
+# define EVP_R_XTS_DUPLICATED_KEYS 183
|
|
|
|
#endif
|
|
--- a/include/openssl/rsaerr.h
|
|
+++ b/include/openssl/rsaerr.h
|
|
@@ -1,6 +1,6 @@
|
|
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
@@ -11,9 +11,7 @@
|
|
#ifndef HEADER_RSAERR_H
|
|
# define HEADER_RSAERR_H
|
|
|
|
-# ifndef HEADER_SYMHACKS_H
|
|
-# include <openssl/symhacks.h>
|
|
-# endif
|
|
+# include <openssl/symhacks.h>
|
|
|
|
# ifdef __cplusplus
|
|
extern "C"
|
|
@@ -25,7 +23,7 @@ int ERR_load_RSA_strings(void);
|
|
*/
|
|
# define RSA_F_CHECK_PADDING_MD 140
|
|
# define RSA_F_ENCODE_PKCS1 146
|
|
-# define RSA_F_FIPS_RSA_BUILTIN_KEYGEN 206
|
|
+# define RSA_F_FIPS_RSA_BUILTIN_KEYGEN 168
|
|
# define RSA_F_INT_RSA_VERIFY 145
|
|
# define RSA_F_OLD_RSA_PRIV_DECODE 147
|
|
# define RSA_F_PKEY_PSS_INIT 165
|
|
@@ -40,8 +38,8 @@ int ERR_load_RSA_strings(void);
|
|
# define RSA_F_RSA_CHECK_KEY_EX 160
|
|
# define RSA_F_RSA_CMS_DECRYPT 159
|
|
# define RSA_F_RSA_CMS_VERIFY 158
|
|
-# define RSA_F_RSA_GENERATE_KEY_EX 204
|
|
-# define RSA_F_RSA_GENERATE_MULTI_PRIME_KEY 207
|
|
+# define RSA_F_RSA_GENERATE_KEY_EX 169
|
|
+# define RSA_F_RSA_GENERATE_MULTI_PRIME_KEY 170
|
|
# define RSA_F_RSA_ITEM_VERIFY 148
|
|
# define RSA_F_RSA_METH_DUP 161
|
|
# define RSA_F_RSA_METH_NEW 162
|
|
@@ -77,18 +75,18 @@ int ERR_load_RSA_strings(void);
|
|
# define RSA_F_RSA_PARAM_DECODE 164
|
|
# define RSA_F_RSA_PRINT 115
|
|
# define RSA_F_RSA_PRINT_FP 116
|
|
+# define RSA_F_RSA_PRIVATE_DECRYPT 171
|
|
+# define RSA_F_RSA_PRIVATE_ENCRYPT 172
|
|
# define RSA_F_RSA_PRIV_DECODE 150
|
|
# define RSA_F_RSA_PRIV_ENCODE 138
|
|
-# define RSA_F_RSA_PRIVATE_DECRYPT 200
|
|
-# define RSA_F_RSA_PRIVATE_ENCRYPT 201
|
|
# define RSA_F_RSA_PSS_GET_PARAM 151
|
|
# define RSA_F_RSA_PSS_TO_CTX 155
|
|
+# define RSA_F_RSA_PUBLIC_DECRYPT 173
|
|
+# define RSA_F_RSA_PUBLIC_ENCRYPT 174
|
|
# define RSA_F_RSA_PUB_DECODE 139
|
|
-# define RSA_F_RSA_PUBLIC_DECRYPT 202
|
|
-# define RSA_F_RSA_PUBLIC_ENCRYPT 203
|
|
# define RSA_F_RSA_SETUP_BLINDING 136
|
|
-# define RSA_F_RSA_SET_DEFAULT_METHOD 205
|
|
-# define RSA_F_RSA_SET_METHOD 204
|
|
+# define RSA_F_RSA_SET_DEFAULT_METHOD 175
|
|
+# define RSA_F_RSA_SET_METHOD 176
|
|
# define RSA_F_RSA_SIGN 117
|
|
# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
|
|
# define RSA_F_RSA_VERIFY 119
|
|
@@ -139,19 +137,19 @@ int ERR_load_RSA_strings(void);
|
|
# define RSA_R_KEY_PRIME_NUM_INVALID 165
|
|
# define RSA_R_KEY_SIZE_TOO_SMALL 120
|
|
# define RSA_R_LAST_OCTET_INVALID 134
|
|
-# define RSA_R_MISSING_PRIVATE_KEY 179
|
|
# define RSA_R_MGF1_DIGEST_NOT_ALLOWED 152
|
|
+# define RSA_R_MISSING_PRIVATE_KEY 179
|
|
# define RSA_R_MODULUS_TOO_LARGE 105
|
|
# define RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R 168
|
|
# define RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D 169
|
|
# define RSA_R_MP_R_NOT_PRIME 170
|
|
+# define RSA_R_NON_FIPS_RSA_METHOD 171
|
|
# define RSA_R_NO_PUBLIC_EXPONENT 140
|
|
-# define RSA_R_NON_FIPS_RSA_METHOD 200
|
|
# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
|
|
# define RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES 172
|
|
# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
|
|
# define RSA_R_OAEP_DECODING_ERROR 121
|
|
-# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 201
|
|
+# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 173
|
|
# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
|
|
# define RSA_R_PADDING_CHECK_FAILED 114
|
|
# define RSA_R_PKCS_DECODING_ERROR 159
|
|
@@ -171,7 +169,7 @@ int ERR_load_RSA_strings(void);
|
|
# define RSA_R_UNSUPPORTED_LABEL_SOURCE 163
|
|
# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
|
|
# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
|
|
-# define RSA_R_UNSUPPORTED_PARAMETERS 202
|
|
+# define RSA_R_UNSUPPORTED_PARAMETERS 174
|
|
# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
|
|
# define RSA_R_VALUE_MISSING 147
|
|
# define RSA_R_WRONG_SIGNATURE_LENGTH 119
|